Question
In my android application i extensively use Log.i, Log.e.
On these commands I usually pass SQLite queries or http rest urls that communicate with my application.
My question is: Is it safe to keep these logs when the application reaches the Play store ? If a user runs the application with his device connected on his computer will he be able to view the Log messages on his LogCat ?
Solution
If the users connect the device to a computer and read the logcat, they can see all the log messages that your app generates.
A possible solution is use Proguard to remove (automatically) all the log messages.
More info on this answer: How to configure proguard to ONLY remove android logging calls
Hope it helps.
OTHER TIPS
Yes, the user will be able to read those log files. Is it 'safe'? Depends. Are your rest calls or sqlite queries a secret? All the network communication could be read anyways with wireshark for instance.
What I do when I release my apps is: I create my own Log class with methods i, d, e etc and use this Log class instead of the Android one, because then I can use a simple switch like boolean debug = true according to which I write to the LogCat or don't. That way I can leave all my log statements in the app.
When you've written your own Log class, to use it all over your app, you can simply replace all
https://stackoverflow.com/questions/22809463
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianimport android.util.Log;
with
import your.package.Log;
with Eclipse.
Logging is a very handy debugging and diagnostic technique used by developers. Use the logging class provided as part of the Android SDK to log important information about your application to LogCat, but make sure you review your application’s logging implementation prior to publication, as logging has performance drawbacks.
Before releasing your application Review your log carefully so it doesn't leak any confidential data.
Logging is very important whenever your application is in testing mode. Logs will provide you current state and scenario of your application on current device. So it's very helpful whenever you will update your application.
Sometimes Google play rejects your application if they found your Logging mechanism violates the rules.
No it is not safe to keep Log methods on Production. These logs can be used to trace different callbacks in Android and if you are showing Database records in them then you must remove those before publishing your app.
And you don't have to remove Log callbacks one by one in your project. You can use Proguard to remove Log methods automatically by just writing few lines in proguard-project.txt present in root of your project.
